2017 12th International Conference on Computer Engineering and Systems (ICCES)
This paper presents a novel approach to protect Openflow switches against a type of Denial of Ser... more This paper presents a novel approach to protect Openflow switches against a type of Denial of Service (DoS) attacks. Openflow switches are the core of Software Defined Networks (SDN) and they are very flexible, programmable, and can be used for several functionalities within a network. As the control algorithm of the switch is implemented on a separate computer (Controller), this software can be implemented on any part of the network packet including Layers 2, 3, and 4 headers. Therefore, an Openflow switch can work as a conventional switch, a router or a firewall. The open design of Openflow makes it vulnerable to several types of DoS attacks. One of those attacks is to overwhelm the switch flow table with entities larger than its buffer making legitimate packets unable to traverse the switch. The proposed approach depends on a Sandbox like model, where a second switch and controller is implemented and all new packets with no matching rules are forwarded to the Sandbox. The Sandbox clone is monitored and controlled, so a forwarding rule is always created on the Sandbox switch and transferred only to the working switch when it is classified as a normal rule. Otherwise, a cleanup operation is executed periodically on the sandbox switch to remove malicious rules. Rules are classified based on the statistics entries already existing in Openflow switches flow table. The proposed approach is simple and does not need any extra memory or modifications in the switches. It is proven to mitigate this type of DoS attacks.
Nowadays, malware and malware incidents are increasing daily, even with various anti-viruses syst... more Nowadays, malware and malware incidents are increasing daily, even with various anti-viruses systems and malware detection or classification methodologies. Many static, dynamic, and hybrid techniques have been presented to detect malware and classify them into malware families. Dynamic and hybrid malware classification methods have advantages over static malware classification methods by being highly efficient. Since it is difficult to mask malware behavior while executing than its underlying code in static malware classification, machine learning techniques have been the main focus of the security experts to detect malware and determine their families dynamically. The rapid increase of malware also brings the necessity of recent and updated datasets of malicious software. We introduce two new, updated datasets in this work: One with 9,795 samples obtained and compiled from VirusSamples and the one with 14,616 samples from VirusShare. This paper also analyzes multi-class malware cla...
2020 5th International Conference on Computer Science and Engineering (UBMK), 2020
The contents on the Word Wide Web is expanding every second providing web users a rich content. H... more The contents on the Word Wide Web is expanding every second providing web users a rich content. However, this situation may cause web users harm rather than good due to its harmful or misleading information. The harmful contents can contain text, audio, video, or image that can be about violence, adult contents, or any other harmful information. Especially young people may readily be affected with these harmful information psychologically. To prevent youth from these harmful contents, various web filtering techniques, such as keyword filtering, Uniform Resource Locator (URL) based filtering, Intelligent analysis, and semantic analysis, are used. We propose an algorithm that can classify websites, which may contain adult contents, with 67.81% (BERT) accuracy among 32 unique categories. We also show that a BERT model gives higher accuracy than both the Sequential and Functional API models when used for text classification.
2017 IEEE International Conference on Big Data (Big Data), 2017
Most of the existing products rating score algorithms do not take fake accounts and time decay of... more Most of the existing products rating score algorithms do not take fake accounts and time decay of users' ratings into account when creating the list of recommendations. The trust values and the time decay of users' ratings to an item may improve the quality of product rating score in e-commerce platforms, especially when it is thought that nowadays the majority of customers read the reviews before making a purchase. In this paper, we first introduce the concept trust value of users by explaining its mathematical definition and redefine the product rating score based on users' trust relationship. Then we calculate the product rating score based on time decay by making the concept time decay clear. After that we execute both algorithms together in order to show their both effects on the quality of product rating score. Finally, we present experimentally effectiveness of three approaches on a large real dataset.
ELEC-04 Cybersecurity notion has largely been related to, or has been perceived to be relevant to... more ELEC-04 Cybersecurity notion has largely been related to, or has been perceived to be relevant to, the computer systems connected to Internet up to the recent years. However, its effect on critical infrastructures, such as those in electrical power systems, gas and oil, and communication systems etc., has only recently began to be studied. A recent cybersecurity research interest in the SCADA (Supervisory Control and Data Acquisition) systems, which is a special case of industrial control systems (ICS), is now gaining momentum. This interest is highly important and needs be widened especially as the word Smart “Things” (for example Smart Grid) applications and the use of the Internet of Things (IoT) devices become prevalent. We propose a systematic approach towards the assessment of cyber security related vulnerabilities for a given SCADA system, which includes: risk-value related to the vulnerabilities and a prioritized list of precautions to lower the risks mentioned.
2021 6th International Conference on Computer Science and Engineering (UBMK), 2021
Awareness, in the sense of security, builds the backbone of operations understanding the current ... more Awareness, in the sense of security, builds the backbone of operations understanding the current and future cyber activities. Situation awareness has become the focal point of securing systems due to dynamic nature of cyber domain. Technological advancements cause the volatility to transform into upcoming challenges. Understanding those is the key to keep cyber Situation Awareness (SA) progression. Earlier studies define required steps to administer cyber SA. These steps (perceive, comprehend, project, and resolve) are also adapted to cyber domain. Rapid technological changes redefine the content of those and thus, it creates demands improving automated tools, which play as systematic factor in nurturing SA. As a system factor, SIEM tools can be basis for comprehending cyber domain. In this work, we investigate recent studies contributed mainly to SIEM (Security Information and Event Management) tool’s enhancement to evaluate current state and help predict upcoming challenges for maintaining awareness. We use various criteria in our investigation such as; architecture improvement, affected SIEM process, utilized CTI (Cyber Threat Intelligence) artefact, implementation area, and type of produced result. In doing so, we aim to impart upward trends on CSA (Cyber Situation Awareness) to academia and industry professionals.
2019 4th International Conference on Computer Science and Engineering (UBMK), 2019
With the bloom of financial technology and innovations aiming to deliver a high standard of finan... more With the bloom of financial technology and innovations aiming to deliver a high standard of financial services, banks and credit service companies, along with other financial institutions, use the most recent technologies available in a variety of ways from addressing the information asymmetry, matching the needs of borrowers and lenders, to facilitating transactions using payment services. In the long list of FinTechs, one of the most attractive platforms is the Peer-to-Peer (P2P) lending which aims to bring the investors and borrowers hand in hand, leaving out the traditional intermediaries like banks. The main purpose of a financial institution as an intermediary is of controlling risk and P2P lending platforms innovate and use new ways of risk assessment. In the era of Big Data, using a diverse source of information from spending behaviors of customers, social media behavior, and geographic information along with traditional methods for credit scoring prove to have new insights for the proper and more accurate credit scoring. In this study, we investigate the machine learning techniques on big data platforms, analyzing the credit scoring methods. It has been concluded that on a HDFS (Hadoop Distributed File System) environment, Logistic Regression performs better than Decision Tree and Random Forest for credit scoring and classification considering performance metrics such as accuracy, precision and recall, and the overall run time of algorithms. Logistic Regression also performs better in time in a single node HDFS configuration compared to a non-HDFS configuration.
2018 3rd International Conference on Computer Science and Engineering (UBMK), 2018
Deep learning is a subfield of machine learning and deep neural architectures can extract high le... more Deep learning is a subfield of machine learning and deep neural architectures can extract high level features automatically without handcraft feature engineering unlike traditional machine learning algorithms. In this paper, we propose a method, which combines feature extraction layers of a convolutional neural network with traditional machine learning algorithms, such as, support vector machine, gradient boosting machines, and random forest. All of the proposed hybrid models and the above mentioned machine learning algorithms are trained on three different datasets: MNIST, Fashion-MNIST, and CIFAR-10. Results show that the proposed hybrid models are more successful than traditional models while they are being trained from raw pixel values. In this study, we empower traditional machine learning algorithms for classification using feature extraction ability of deep neural network architectures and we are inspired by transfer learning methodology to this.
The partitioned inverse method has been demonstrated to be quite effective for parallel sparse ma... more The partitioned inverse method has been demonstrated to be quite effective for parallel sparse matrix solutions on massively parallel machines. Though experiments on CM-2 have illustrated the advantage of using partitions, Intel iPSC/860 multiprocessor only favors fewer and denser partitions, particularly in the case of extremely sparse matrices. Different decomposition and communication algorithms are investigated here on the iPSC/860 to improve the performance. The decomposition is done in an interleave fashion in two different directions (row-wise and column-wise). The need for synchronization due to the interchange of intermediate solution vectors makes load balancing an important factor in obtaining an optimum performance.
The conjugate gradient method has been suggested as a better alternative to direct methods for th... more The conjugate gradient method has been suggested as a better alternative to direct methods for the solution of certain large sparse linear systems A x = b, where A is symmetric and positive definite. Efficiency considerations often require that the conjugate gradient method be accelerated by preconditioning (a linear transformation of A). One of the most widely used preconditioners is based on the incomplete LU factors of A. Positive definite preconditioner matrices assure convergence. However, the incomplete factorization for a symmetric and positive definite matrix is not necessarily positive definite. This paper provides significant theoretical insights into the conjugate gradient method for matrices arising from several classes of power systems problems. The paper also presents a new preconditioner (based on a one-time complete factorization) that is guaranteed to be positive definite.
2017 12th International Conference on Computer Engineering and Systems (ICCES)
This paper presents a novel approach to protect Openflow switches against a type of Denial of Ser... more This paper presents a novel approach to protect Openflow switches against a type of Denial of Service (DoS) attacks. Openflow switches are the core of Software Defined Networks (SDN) and they are very flexible, programmable, and can be used for several functionalities within a network. As the control algorithm of the switch is implemented on a separate computer (Controller), this software can be implemented on any part of the network packet including Layers 2, 3, and 4 headers. Therefore, an Openflow switch can work as a conventional switch, a router or a firewall. The open design of Openflow makes it vulnerable to several types of DoS attacks. One of those attacks is to overwhelm the switch flow table with entities larger than its buffer making legitimate packets unable to traverse the switch. The proposed approach depends on a Sandbox like model, where a second switch and controller is implemented and all new packets with no matching rules are forwarded to the Sandbox. The Sandbox clone is monitored and controlled, so a forwarding rule is always created on the Sandbox switch and transferred only to the working switch when it is classified as a normal rule. Otherwise, a cleanup operation is executed periodically on the sandbox switch to remove malicious rules. Rules are classified based on the statistics entries already existing in Openflow switches flow table. The proposed approach is simple and does not need any extra memory or modifications in the switches. It is proven to mitigate this type of DoS attacks.
Nowadays, malware and malware incidents are increasing daily, even with various anti-viruses syst... more Nowadays, malware and malware incidents are increasing daily, even with various anti-viruses systems and malware detection or classification methodologies. Many static, dynamic, and hybrid techniques have been presented to detect malware and classify them into malware families. Dynamic and hybrid malware classification methods have advantages over static malware classification methods by being highly efficient. Since it is difficult to mask malware behavior while executing than its underlying code in static malware classification, machine learning techniques have been the main focus of the security experts to detect malware and determine their families dynamically. The rapid increase of malware also brings the necessity of recent and updated datasets of malicious software. We introduce two new, updated datasets in this work: One with 9,795 samples obtained and compiled from VirusSamples and the one with 14,616 samples from VirusShare. This paper also analyzes multi-class malware cla...
2020 5th International Conference on Computer Science and Engineering (UBMK), 2020
The contents on the Word Wide Web is expanding every second providing web users a rich content. H... more The contents on the Word Wide Web is expanding every second providing web users a rich content. However, this situation may cause web users harm rather than good due to its harmful or misleading information. The harmful contents can contain text, audio, video, or image that can be about violence, adult contents, or any other harmful information. Especially young people may readily be affected with these harmful information psychologically. To prevent youth from these harmful contents, various web filtering techniques, such as keyword filtering, Uniform Resource Locator (URL) based filtering, Intelligent analysis, and semantic analysis, are used. We propose an algorithm that can classify websites, which may contain adult contents, with 67.81% (BERT) accuracy among 32 unique categories. We also show that a BERT model gives higher accuracy than both the Sequential and Functional API models when used for text classification.
2017 IEEE International Conference on Big Data (Big Data), 2017
Most of the existing products rating score algorithms do not take fake accounts and time decay of... more Most of the existing products rating score algorithms do not take fake accounts and time decay of users' ratings into account when creating the list of recommendations. The trust values and the time decay of users' ratings to an item may improve the quality of product rating score in e-commerce platforms, especially when it is thought that nowadays the majority of customers read the reviews before making a purchase. In this paper, we first introduce the concept trust value of users by explaining its mathematical definition and redefine the product rating score based on users' trust relationship. Then we calculate the product rating score based on time decay by making the concept time decay clear. After that we execute both algorithms together in order to show their both effects on the quality of product rating score. Finally, we present experimentally effectiveness of three approaches on a large real dataset.
ELEC-04 Cybersecurity notion has largely been related to, or has been perceived to be relevant to... more ELEC-04 Cybersecurity notion has largely been related to, or has been perceived to be relevant to, the computer systems connected to Internet up to the recent years. However, its effect on critical infrastructures, such as those in electrical power systems, gas and oil, and communication systems etc., has only recently began to be studied. A recent cybersecurity research interest in the SCADA (Supervisory Control and Data Acquisition) systems, which is a special case of industrial control systems (ICS), is now gaining momentum. This interest is highly important and needs be widened especially as the word Smart “Things” (for example Smart Grid) applications and the use of the Internet of Things (IoT) devices become prevalent. We propose a systematic approach towards the assessment of cyber security related vulnerabilities for a given SCADA system, which includes: risk-value related to the vulnerabilities and a prioritized list of precautions to lower the risks mentioned.
2021 6th International Conference on Computer Science and Engineering (UBMK), 2021
Awareness, in the sense of security, builds the backbone of operations understanding the current ... more Awareness, in the sense of security, builds the backbone of operations understanding the current and future cyber activities. Situation awareness has become the focal point of securing systems due to dynamic nature of cyber domain. Technological advancements cause the volatility to transform into upcoming challenges. Understanding those is the key to keep cyber Situation Awareness (SA) progression. Earlier studies define required steps to administer cyber SA. These steps (perceive, comprehend, project, and resolve) are also adapted to cyber domain. Rapid technological changes redefine the content of those and thus, it creates demands improving automated tools, which play as systematic factor in nurturing SA. As a system factor, SIEM tools can be basis for comprehending cyber domain. In this work, we investigate recent studies contributed mainly to SIEM (Security Information and Event Management) tool’s enhancement to evaluate current state and help predict upcoming challenges for maintaining awareness. We use various criteria in our investigation such as; architecture improvement, affected SIEM process, utilized CTI (Cyber Threat Intelligence) artefact, implementation area, and type of produced result. In doing so, we aim to impart upward trends on CSA (Cyber Situation Awareness) to academia and industry professionals.
2019 4th International Conference on Computer Science and Engineering (UBMK), 2019
With the bloom of financial technology and innovations aiming to deliver a high standard of finan... more With the bloom of financial technology and innovations aiming to deliver a high standard of financial services, banks and credit service companies, along with other financial institutions, use the most recent technologies available in a variety of ways from addressing the information asymmetry, matching the needs of borrowers and lenders, to facilitating transactions using payment services. In the long list of FinTechs, one of the most attractive platforms is the Peer-to-Peer (P2P) lending which aims to bring the investors and borrowers hand in hand, leaving out the traditional intermediaries like banks. The main purpose of a financial institution as an intermediary is of controlling risk and P2P lending platforms innovate and use new ways of risk assessment. In the era of Big Data, using a diverse source of information from spending behaviors of customers, social media behavior, and geographic information along with traditional methods for credit scoring prove to have new insights for the proper and more accurate credit scoring. In this study, we investigate the machine learning techniques on big data platforms, analyzing the credit scoring methods. It has been concluded that on a HDFS (Hadoop Distributed File System) environment, Logistic Regression performs better than Decision Tree and Random Forest for credit scoring and classification considering performance metrics such as accuracy, precision and recall, and the overall run time of algorithms. Logistic Regression also performs better in time in a single node HDFS configuration compared to a non-HDFS configuration.
2018 3rd International Conference on Computer Science and Engineering (UBMK), 2018
Deep learning is a subfield of machine learning and deep neural architectures can extract high le... more Deep learning is a subfield of machine learning and deep neural architectures can extract high level features automatically without handcraft feature engineering unlike traditional machine learning algorithms. In this paper, we propose a method, which combines feature extraction layers of a convolutional neural network with traditional machine learning algorithms, such as, support vector machine, gradient boosting machines, and random forest. All of the proposed hybrid models and the above mentioned machine learning algorithms are trained on three different datasets: MNIST, Fashion-MNIST, and CIFAR-10. Results show that the proposed hybrid models are more successful than traditional models while they are being trained from raw pixel values. In this study, we empower traditional machine learning algorithms for classification using feature extraction ability of deep neural network architectures and we are inspired by transfer learning methodology to this.
The partitioned inverse method has been demonstrated to be quite effective for parallel sparse ma... more The partitioned inverse method has been demonstrated to be quite effective for parallel sparse matrix solutions on massively parallel machines. Though experiments on CM-2 have illustrated the advantage of using partitions, Intel iPSC/860 multiprocessor only favors fewer and denser partitions, particularly in the case of extremely sparse matrices. Different decomposition and communication algorithms are investigated here on the iPSC/860 to improve the performance. The decomposition is done in an interleave fashion in two different directions (row-wise and column-wise). The need for synchronization due to the interchange of intermediate solution vectors makes load balancing an important factor in obtaining an optimum performance.
The conjugate gradient method has been suggested as a better alternative to direct methods for th... more The conjugate gradient method has been suggested as a better alternative to direct methods for the solution of certain large sparse linear systems A x = b, where A is symmetric and positive definite. Efficiency considerations often require that the conjugate gradient method be accelerated by preconditioning (a linear transformation of A). One of the most widely used preconditioners is based on the incomplete LU factors of A. Positive definite preconditioner matrices assure convergence. However, the incomplete factorization for a symmetric and positive definite matrix is not necessarily positive definite. This paper provides significant theoretical insights into the conjugate gradient method for matrices arising from several classes of power systems problems. The paper also presents a new preconditioner (based on a one-time complete factorization) that is guaranteed to be positive definite.
Uploads